Alibaba Cloud Express Connect
Alibaba’s private interconnection service is called Express Connect. Alibaba Express Connect enables customers to create private connections between their remote network environments and their Virtual Private Cloud (VPC) deployments.
When connecting to Alibaba Cloud services via Express Connect with Megaport, the Virtual Cross Connect (VXC) forms the Layer 2 component of the connection and Layer 3 BGP is established directly between the customer and their private environment build with Alibaba Cloud VPC.
Benefits of Creating Alibaba Express Connections with Megaport
- Enhanced security and higher network performance
- Scalable connectivity options
- API integration between Megaport and Alibaba which simplifies the provisioning of connections for a fast and seamless experience
- Connect to Alibaba Cloud on-ramp locations via ANY of the Megaport enabled locations worldwide
Key Alibaba Cloud terms to understand:
- Virtual Private Cloud (VPC)
A custom private network established on Alibaba Cloud. VPCs are logically isolated from each other. You can create and manage instances such as ECS, Server Load Balancer, and RDS, in a VPC.
- Virtual Border Router (VBR)
You can create multiple virtual border routers on a physical connection. Each VBR is responsible for forwarding the data of a VLAN in Alibaba Cloud. With VBR, you can transmit your data directly to any region of Alibaba Cloud.
The hub of VPCs connecting all VSwitches in a VPC and serving as a gateway device that connects the VPC to other networks. It forwards network traffic according to route entries.
- Router Interface (RI)
A router interface (or VRouter interface) is a virtual network device. It can be attached to a VRouter to create an Express Connect with another VRouter interface, delivering an intranet connection between different networks.
How to Create a VXC to Alibaba Cloud:
- You will need to have Alibaba account created in Alibaba Console. Your account number will be used to establish your Megaport VXC.
VXC Deployment Steps
First, you will need to log in to your Alibaba Cloud Console to retrieve your Account ID..
Once logged in, click on your Avatar icon located in the top right-hand corner.
Next, copy your Account ID.
Create a VXC in the Megaport Portal:
- Create an Express Connect: Provision a VXC in the Portal to your chosen Alibaba Express Connect Peer location.
To create an Alibaba Express Connect VXC, click ‘+Connection’ on the Megaport to which you want to attach your VXC. An example below reflects ‘Alibaba Express Connect’ as the customer-named Megaport selected. If you haven’t connected to Megaport before, please follow the steps for establishing a Port here.
Next, select Cloud tile.
Next, select the provider as ‘Alibaba Cloud’.
Select your chosen target location for your connection and click.
To finish the configuration, simply fill in the left-hand panel:
- Name Your Connection – This is a free text field allowing you to assign an easily identifiable name for this connection.
- Rate Limit – Enter the same rate you would like to apply to your VXC.
A-End VLAN – This is the VLAN for this connection that you will receive via the Megaport. This must be a unique VLAN ID on this Port. You can also select the toggle to ‘untag’ this VXC. This will remove the VLAN tagging for this connection but will also mean that only one VXC (Service)can be deployed on this Port.
Click ‘Next’. In the next window, paste the Account ID copied from your Alibaba Console in the field provided and click ‘Next’.
Once you have finished this configuration, you are ready to add the VXC to your cart and configure further VXCs or proceed through the checkout process.
Once you have completed and deployed the VXC in the Portal, go back to your Alibaba Console. In the Alibaba Console, under the Express Connect section, you will find the connection just created in the Portal under Virtual Border Router (VBR). It will take a few minutes from the time you deploy the VXC to the connection showing up in the Alibaba Console. Make sure you select the Express Connect Region you selected in the Portal to find your connection under VBR. In this example, it would be US-East1 (Virginia).
Next, click ‘Confirm Creation’
In the next window, you will be asked to complete the VBR information. Complete the ‘Name’ and ‘Description’ fields as you like with no spaces. Next, input the Private IPs that will be used to set up BGP between your CE and Alibaba VBR. You can use a /30 or /31 represented by the subnet mask. In this example /30 subnet mask 255.255.255.252 was used.
Next, click ‘OK’
Note: the status will now reflect normal. Your Layer 2 connection has now been established and the process of creating the Megaport VXC is now complete.
Next, you need to establish BGP. This requires you to create ‘BGP Group’ and ‘BGP Peer’ in the Alibaba Console. For more detail on setting up BGP and attaching your Express Connect to your VPC, reference this page.
Additional notes to reference when setting up BGP:
- VBR only supports building BGP peers with a peer on-premises IDC, and still need to use static routing to communication with a VPC.
- The supported BGP version is BGP4.
- VBR supports IPv4 BGP but does not support IPv6 BGP.
- Up to eight BGP peers can be created under each VBR.
- Up to 100 dynamic route entries can be added to a BGP peer.
- The Alibaba Cloud-side ASN is 45104. The customer side can transmit 2-byte or 4-byte ASN.